Trait soup::prelude::AuthDomainExt

source · 
pub trait AuthDomainExt: IsA<AuthDomain> + Sealed + 'static {
    // Provided methods
    fn accepts(&self, msg: &ServerMessage) -> Option<GString> { ... }
    fn add_path(&self, path: &str) { ... }
    fn challenge(&self, msg: &ServerMessage) { ... }
    fn check_password(
        &self,
        msg: &ServerMessage,
        username: &str,
        password: &str
    ) -> bool { ... }
    fn covers(&self, msg: &ServerMessage) -> bool { ... }
    fn realm(&self) -> Option<GString> { ... }
    fn remove_path(&self, path: &str) { ... }
    fn set_filter<P: Fn(&AuthDomain, &ServerMessage) -> bool + 'static>(
        &self,
        filter: P
    ) { ... }
    fn set_generic_auth_callback<P: Fn(&AuthDomain, &ServerMessage, &str) -> bool + 'static>(
        &self,
        auth_callback: P
    ) { ... }
    fn is_proxy(&self) -> bool { ... }
    fn connect_filter_data_notify<F: Fn(&Self) + 'static>(
        &self,
        f: F
    ) -> SignalHandlerId { ... }
    fn connect_generic_auth_data_notify<F: Fn(&Self) + 'static>(
        &self,
        f: F
    ) -> SignalHandlerId { ... }
}
Expand description

Trait containing all AuthDomain methods.

§Implementors

AuthDomainBasic, AuthDomainDigest, AuthDomain

Provided Methods§

source

fn accepts(&self, msg: &ServerMessage) -> Option<GString>

Checks if @msg contains appropriate authorization for @self to accept it.

Mirroring covers(), this does not check whether or not @self cares if @msg is authorized.

This is used by Server internally and is probably of no use to anyone else.

§msg

a #SoupServerMessage

§Returns

the username that @msg has authenticated as, if in fact it has authenticated. None otherwise.

source

fn add_path(&self, path: &str)

Adds @path to @self.

Requests under @path on @self’s server will require authentication (unless overridden by remove_path() or set_filter()).

§path

the path to add to @self

source

fn challenge(&self, msg: &ServerMessage)

Adds a “WWW-Authenticate” or “Proxy-Authenticate” header to @msg.

It requests that the client authenticate, and sets @msg’s status accordingly.

This is used by Server internally and is probably of no use to anyone else.

§msg

a #SoupServerMessage

source

fn check_password( &self, msg: &ServerMessage, username: &str, password: &str ) -> bool

Checks if @msg authenticates to @self via @username and @password.

This would normally be called from a `callback::AuthDomainGenericAuthCallback.

§msg

a #SoupServerMessage

§username

a username

§password

a password

§Returns

whether or not the message is authenticated

source

fn covers(&self, msg: &ServerMessage) -> bool

Checks if @self requires @msg to be authenticated (according to its paths and filter function).

This does not actually look at whether @msg is authenticated, merely whether or not it needs to be.

This is used by Server internally and is probably of no use to anyone else.

§msg

a #SoupServerMessage

§Returns

true if @self requires @msg to be authenticated

source

fn realm(&self) -> Option<GString>

Gets the realm name associated with @self.

§Returns

@self’s realm

source

fn remove_path(&self, path: &str)

Removes @path from @self.

Requests under @path on @self’s server will NOT require authentication.

This is not simply an undo-er for add_path(); it can be used to “carve out” a subtree that does not require authentication inside a hierarchy that does. Note also that unlike with add_path(), this cannot be overridden by adding a filter, as filters can only bypass authentication that would otherwise be required, not require it where it would otherwise be unnecessary.

§path

the path to remove from @self

source

fn set_filter<P: Fn(&AuthDomain, &ServerMessage) -> bool + 'static>( &self, filter: P )

Adds @filter as an authentication filter to @self.

The filter gets a chance to bypass authentication for certain requests that would otherwise require it. Eg, it might check the message’s path in some way that is too complicated to do via the other methods, or it might check the message’s method, and allow GETs but not PUTs.

The filter function returns true if the request should still require authentication, or false if authentication is unnecessary for this request.

To help prevent security holes, your filter should return true by default, and only return false under specifically-tested circumstances, rather than the other way around. Eg, in the example above, where you want to authenticate PUTs but not GETs, you should check if the method is GET and return false in that case, and then return true for all other methods (rather than returning true for PUT and false for all other methods). This way if it turned out (now or later) that some paths supported additional methods besides GET and PUT, those methods would default to being NOT allowed for unauthenticated users.

You can also set the filter by setting the SoupAuthDomain:filter and filter-data properties], which can also be used to set the filter at construct time.

§filter

the auth filter for @self

§filter_data

data to pass to @filter

source

fn set_generic_auth_callback<P: Fn(&AuthDomain, &ServerMessage, &str) -> bool + 'static>( &self, auth_callback: P )

Sets @auth_callback as an authentication-handling callback for @self.

Whenever a request comes in to @self which cannot be authenticated via a domain-specific auth callback (eg, callback::AuthDomainDigestAuthCallback), the generic auth callback will be invoked. See callback::AuthDomainGenericAuthCallback for information on what the callback should do.

§auth_callback

the auth callback

§auth_data

data to pass to @auth_callback

source

fn is_proxy(&self) -> bool

Whether or not this is a proxy auth domain.

source

fn connect_filter_data_notify<F: Fn(&Self) + 'static>( &self, f: F ) -> SignalHandlerId

source

fn connect_generic_auth_data_notify<F: Fn(&Self) + 'static>( &self, f: F ) -> SignalHandlerId

Object Safety§

This trait is not object safe.

Implementors§